Data Regulations with national reach like South Africa’s POPIA and Brazil’s LGPD, state-wide reach like California’s CCPA and multinational reach like Europe’s GDPR are already mainstream, to the extent where broad scale adoption by organisations has progressed and companies have growing skills and competency in adhering to policies and programs.

Data Privacy and Protection was always considered a CEO and CFO discussion – with financial penalties making headlines for data breaches. As an example, Amazon’s 鈧�746m penalty topped the charts in 2021 due to consent management discrepancies related to cookie collection on web browsers, and the fine was nearly three times larger than that of WhatsApp the same year, who faced a 鈧�225m penalty for a lack of clarity around their data processing practices in their privacy policy.

But is the accountability and business relevance of data privacy and protection changing offices within the C-Suite? While financial risk is always a business concern, could the shift occurring in our now post-pandemic era of business be to the Chief Customer Office?

The shift to loyalty

Pandemic-era consumer behaviour dropped substantially around the world in 2020 and saw partial improvement during 2021. What has changed though, is the prioritisation of certain categories of spend and the shift away from brand alignment in favour of pricing, convenience and other factors. A聽聽delves into one convenience factor, where 60-70% of US consumers in 2021 were shopping in a more omni-channel manner, with social media as a new channel. Brand alignment or loyalty was also impacted by poor stock-on-hand, with over 60% of consumers facing this situation and only 13% being willing to wait for stock to arrive.

Consumer preference has evolved. Relationships with new brands continue to be spawned out of need, interest, spite or frustration. Convenience, frictionless buying and accurate delivery are expected. What brands cannot afford to do now is give consumers a reason to look somewhere else, and the discussion around data privacy, consent, personalised communication and data protection is now a key priority for the most senior executive accountable for customer engagement, customer experience, and customer success.

The attention of a single customer is a hot commodity in the current era of business. The typical new eCommerce customer experience starts at a social media platform, follows a click-through buying process from a sponsored ad or post, requires the customer to select (and deselect) cookie tracking options, and hopefully not get distracted before completing an order, with convenient payment methods that favour the customer. Inject any notification or pop-up from another brand along the way and your customer journey needs to ensure that you remind that customer of their abandoned basket and offer them a limited time discount to come back to the store to complete their order.

This is the current expectation… but improve this through accurate understanding and prediction of their buying preferences and behaviour and you stand a good chance of closing that order and getting repeat purchases. Mess this up and you’ve lost the opportunity. Add a privacy concern, data breach or any friction in the consent management process and you’ve likely lost that customer for life.

Outlook

Financial risk associated with data regulation infringement is obviously still a priority. No business expects to face multimillion Euro penalties in any given financial year, and this would be a hard knock to both the bank balance and the brand’s reputation. Perhaps, to the CFO, this becomes more of a contingency and the likelihood of facing a penalty becomes more commonplace.

The shift in terms of strategy and competitive advantage with regard to data privacy and protection is arguably sitting with the Chief Customer Officer going forward. Customer journeys, customer insights and customer campaigns should always include an element of sense-checking compliance with regulations, even if the tick-box exercise returns the same results each time. Customers have less appetite to force alignment with particular brands. Even in the banking sector, where customers traditionally have held accounts for decades,聽聽for 2022.

The post Who Really Cares about Data Privacy? appeared first on 51风流Africa News Center.

According to Cameron Beveridge, Regional Director Southern Africa at SAP, trust is the key to success in the digital economy.

鈥淧rivacy and trust are essential elements in building strong connections with customers and ensuring a positive customer experience (CX) in today鈥檚 business environment.鈥�

鈥淚n fact, some studies have found that up to 90% of customers believe how their data is treated is indicative of the way they will be treated as a customer, and 91% won鈥檛 purchase from a company if they don鈥檛 trust how their data will be used.鈥�

Cyberattacks complicate compliance

Protecting customer privacy and data is complicated by a growing global cybercrime industry that has increasingly targeted the supply chains of major organisations and economic powers.

Recent ransomware attacks on key US infrastructure have garnered front-page attention. In one example, cybercriminals successfully shut down the Colonial Pipeline,聽.

With data breaches聽, and the Protection of Personal Information Act now fully in effect, the stakes for protecting systems from data breaches have never been higher.

鈥淓nterprise resource planning systems are nerve centres of modern intelligent enterprises, making them prime targets of cybercriminals,鈥� says Beveridge.

鈥淎ttackers know these systems run business-critical applications and house sensitive information, so any data breach could provide access to information they can later use in the service of cybercrime activities.鈥�

Taking 鈥榓ll reasonable steps鈥�

One of the key requirements of POPIA is that organisations have to ensure they take 鈥榓ll reasonable steps鈥� to secure the data of their customers, partners, suppliers and employees.

鈥淭he best run organisations have integrated end-to-end processes that cover the entire breadth of their operations,鈥� explains Beveridge.

鈥淭he productivity and efficiency gains resulting from this are undeniable. However, the wealth of data processed and stored by such systems creates an attractive target for cybercriminals.鈥�

The amount of transactional data in typical ERP systems, for example, represent a veritable gold mine to cybercriminals, as does the information about vendors, suppliers and partners.

鈥淭he more cybercriminals know about the internal operations of a business, the easier they will find vulnerabilities to exploit. However, it鈥檚 not only cybercriminals that pose security or compliance risks.鈥�

Research conducted by IBM and the Ponemon Institute found that the three main causes of data breaches in South African businesses were malicious or criminal attack (48%), human error (26%) and system glitches (26%).

鈥淧OPIA adds further pressure on organisations by both raising the bar for privacy management and by its extensive reach and applicability within modern enterprises,鈥� says Beveridge.

鈥淥rganisations risk underestimating the level of effort required to implement the necessary process and technology changes to be compliant.鈥�

POPIA tips for security and compliance

Beveridge believes the following tips can assist organisations as they strive for full POPIA compliance while also safeguarding their critical business IT infrastructure from malicious attack or negligence.

• Maintain balance聽鈥� effective data management can give organisations a competitive edge, but proper assessment needs to take place early on to ensure regulatory compliance.
• Keep it simple聽鈥� organisations should simplify their governance by establishing a governance model that is aligned with requirements and best practices, and start by evaluating their readiness for POPIA compliance.
• Stay on top聽鈥� by operationalising privacy management and incorporating ways to identify business processes that need to meet privacy compliance requirements, organisations can keep a close watch on any internal processes that should be changed to remain compliant as the business evolves.
• • Automate away聽鈥� data mapping or data crawler solutions can reduce the time and effort needed to identify all repositories of personal information, as well as their owners within and outside the organisation.
  • Educate employees聽鈥� every employee needs to understand their responsibility under POPIA, which requires regular and ongoing education and training. Organisations should prioritise a process of ongoing POPIA and cybersecurity training to ensure alignment throughout the business.
  • Integrate threat detection聽鈥� an enterprise threat detection solution can provide insight into suspicious activities in an organisation鈥檚 ERP and related business applications, allowing the organisation to identify breaches as they occur and react in real time to neutralise any dangers.

  For more information download the whitepaper 鈥撀�

The post Six POPIA Tips for Securing Your ERP System appeared first on 51风流Africa News Center.

According to Cameron Beveridge, Regional Director for Southern Africa at SAP, the new requirements offer an opportunity to local businesses to build trust with their customers. 鈥淣ew data privacy laws such as POPIA and Europe鈥檚 GDPR are designed to give individuals greater control over how and where their personal information is used. As organisations update their systems and processes to ensure compliance, they have the opportunity to deepen trust with their customers while also improving the overall customer experience.”

POPIA requires that organisations:

• Only collect information for specific purposes,
• Ensure the information is correct and up to date,
• Have security measures in place to protect the information,
• Only keep necessary information, and
• Allow citizens to access or view their information upon request.

鈥淎t the centre of this new dynamic is the concept of consent,鈥� says Beveridge. 鈥淭his requires that organisations implement an opt-in and opt-out system to allow individuals to choose whether they want an organisation to store or use their personal information.鈥�

Non-compliance to POPIA carries heavy penalties of up to ten years鈥� imprisonment or R10-million in administrative penalties. 鈥淥rganisations need to maintain proof of how, when, where and why they collected and processed customer data, and be able to provide transparency into how they collect and use customers鈥� data.聽However, managing this process manually is virtually impossible. Organisations should instead seek technology tools that can transparently present, collect and manage customer consent and help them manage customer profiles and preferences.”

51风流currently offers that improve the storing, processing and management of customer data. 鈥淚deally, you want an audit-ready solution that presents and captures customers鈥� consent and preferences, maintains accurate records and consistent consent enforcement, and gives customers control through a self-service preference centre. As more of our interactions take place digitally in this new era of social distancing, having the correct tools in place to manage customer data while remaining compliant to legislation can also directly contribute to an improved customer experience – one of the driving factors for any successful modern business.鈥�

The post POPI Act an Opportunity to Deepen Trust Between Organisations, Consumers appeared first on 51风流Africa News Center.